[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf macro syntax problems



Francis A. Vidal wrote:

I think you're missing a comma in between $host1 and $host2. It should
be:

all_hosts = "{ $host1, $host2 }"

This hasn't been true for some time. The comma is optional.



-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Russell Sutherland
Sent: Wednesday, June 30, 2004 2:00 AM
To: [email protected]
Subject: pf macro syntax problems

According to the pf FAQ:

        Macros can be defined recursively. Since macros are not expanded
within
        quotes the following syntax must be used:

                host1 = "192.168.1.1"
                host2 = "192.168.1.2"
                all_hosts = "{" $host1 $host2 "}"

However when one tries to use this syntax to create a list of networks
a syntax error occurs when checking the rule set using pfctl:

# cat nets.conf

        netA = "18.100.0.0/16"
        netB = "12.150.0.0/16"
        netC = "12.151.0.0/16"
        nets = "{" $netA $netB $netC "}"

        # pfctl -nvf ./nets.conf
        netA = "18.100.0.0/16"
        netB = "12.150.0.0/16"
        netC = "12.151.0.0/16"
        ./nets.conf:5: syntax error

This is covered in the archives. Search for "recursive macro" or something along those lines.





.joel